By Jamie King
Over the past two years we have sat through numerous sessions on the topic of combining anti-money-laundering (AML) and fraud at various conferences. Numerous articles have also been written on the topic. Until recently, most of the talk has centered on bigger institutions. But we think the focus should be on how financial institutions of various sizes are working on fraud and AML today.
Mary is the chief compliance officer and chief risk officer at a $300 million financial institution. Every Monday morning Mary works through her alerts from an automated fraud/AML (FRAML) system. She starts with her fraud alerts and completes a first pass by lunch time, separating the obvious false alerts from those she would like to investigate further. After lunch she works through about 20 money laundering alerts. It is very common for her to see some of the same suspects in her AML alerts that she’s previously reviewed. Perhaps she cleared them or opened a fraud case on them just a few hours ago. She either acknowledges this alert or adds it to the opened case and makes a note that this may be fraud or money laundering. She then spends the next few days investigating this unusual activity. Several of the cases turn out to be fraud. She quickly closes the account. In another case, what appeared to be check kiting turns out to be a money laundering structuring scenario, so she decides to file a SAR.
Then there’s Lisa and Frank, who work at a $2 billion financial institution. Lisa is the chief compliance officer and Frank is head of risk management. Since their institution is four times as big as Mary’s bank, they typically see four times as many alerts. Each of them has hired an assistant to help manage the alerts. On Monday morning each of their assistants will start reviewing the fraud and money laundering alerts and determine whether to acknowledge the alert as a false positive or to assign it to their bosses (Lisa and Frank) for further investigation. Since they both work independently it is very common for them to see the same customers. And because they use separate monitoring and case management systems, this often results in Frank and Lisa investigating the same people.
Finally let’s take a look at Kathy, Doug, Susan and Fred. They work at a $20 billion institution. Because they receive so many alerts across their different channels, not only do they have separate fraud detection and anti-money laundering groups, they have also separated their risk management into card fraud, check fraud and ACH/wire fraud. Each of them has a small team of case investigators reporting to them.
Now consider the sophisticated criminal who has learned to commit fraudulent activity across multiple channels. This particular criminal has used a phishing scam to steal a customer’s credentials and has logged into an online banking system and set up a series of payments to a foreign account. In addition, he changed the customer’s mailing address and ordered a new ATM card. This activity shows up in the money laundering monitoring system as well as the various fraud monitoring systems, resulting in four different teams investigating the same account.
These examples are very representative of the real world. While it is rare for a larger institution to look to a small bank in order to try to improve their processes, perhaps it’s time to look beyond the norm.n
Jamie King is CEO at Verafin, a provider of a converged fraud and anti-money laundering application for nearly 800 banks and credit unions in North America.